{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14095", "assignerOrgId": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "state": "PUBLISHED", "assignerShortName": "Radiometer", "dateReserved": "2025-12-05T10:49:53.501Z", "datePublished": "2025-12-17T11:45:43.341Z", "dateUpdated": "2025-12-17T21:46:57.088Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ABL90 FLEX and ABL90 FLEX PLUS Analyzers", "vendor": "Radiometer Medical Aps", "versions": [{"status": "affected", "version": "All application software versions with Windows 7, Windows XP as underlying OS", "versionType": "ABL90 DMS(Data Management System) Application"}, {"status": "affected", "version": "Application software versions < 3.5MR11 with Windows 10 as underlying OS"}]}, {"defaultStatus": "unaffected", "product": "AQT90 FLEX Analyzers", "vendor": "Radiometer Medical Aps", "versions": [{"status": "affected", "version": "All Application software versions <= 8.13 MR2", "versionType": "AQT90 DMS(Data Management System) Application"}]}, {"defaultStatus": "unaffected", "product": "ABL800 BASIC and ABL800 FLEX Analyzers", "vendor": "Radiometer Medical Aps", "versions": [{"status": "affected", "version": "Application software versions < 6.20 MR2 with Windows 7, Windows XP as underlying OS", "versionType": "ABL800 DMS(Data Management System)"}, {"status": "affected", "version": "Application software versions < 6.20 MR2 with Windows 10 as underlying OS", "versionType": "ABL800 DMS(Data Management System)"}]}, {"defaultStatus": "unaffected", "product": "ABL9 Analyzers", "vendor": "Radiometer Medical Aps", "versions": [{"status": "affected", "version": "Application software versions < 1.5.0", "versionType": "CABO application"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Physical access to the analyzer is needed\n\n<br>"}], "value": "Physical access to the analyzer is needed"}], "credits": [{"lang": "en", "type": "reporter", "value": "Florian Hauser and Fabian Weber from CODE WHITE GmbH"}], "datePublic": "2025-11-04T12:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A \"Privilege boundary violation\" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The vulnerability is due to weakness in the design of access control implementation in application software.&nbsp;<br><br>Other related CVE's are CVE-2025-14096 &amp; CVE-2025-14097.<br><br>Affected customers have been informed about this vulnerability. This CVE is being published to provide transparency.<br><br>Required configuration for Exposure:<br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Physical access to the analyzer is needed.<br></span><br>Temporary work Around:<br>\n\nOnly authorized people can physically access the analyzer. <span style=\"background-color: rgb(255, 255, 255);\"><br><br>Permanent solution:<br></span>Local Radiometer representatives will contact all affected customers to discuss a permanent solution.<span style=\"background-color: rgb(255, 255, 255);\"><br><br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Exploit Status:<br>Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Note: \n\n<span style=\"background-color: rgb(255, 255, 255);\">CVSS score 6.8 when underlying OS is Windows 7 or Windows XP Operating systems</span>&nbsp;and CVSS score 5.7 when underlying OS is Windows 8 or Windows 10 operating systems.</span></span><br></span><p></p>"}], "value": "A \"Privilege boundary violation\" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The vulnerability is due to weakness in the design of access control implementation in application software.\u00a0\n\nOther related CVE's are CVE-2025-14096 & CVE-2025-14097.\n\nAffected customers have been informed about this vulnerability. This CVE is being published to provide transparency.\n\nRequired configuration for Exposure:\n\n\nPhysical access to the analyzer is needed.\n\nTemporary work Around:\n\n\nOnly authorized people can physically access the analyzer. \n\nPermanent solution:\nLocal Radiometer representatives will contact all affected customers to discuss a permanent solution.\n\n\n\nExploit Status:\nResearchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Note: \n\nCVSS score 6.8 when underlying OS is Windows 7 or Windows XP Operating systems\u00a0and CVSS score 5.7 when underlying OS is Windows 8 or Windows 10 operating systems."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.\n\n<br>"}], "value": "Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233: Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "When underlying OS is Windows7 or WinXp"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "When underlying OS is Win8, Win10"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-693", "description": "CWE-693 \u2014 Protection Mechanism Failure", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "shortName": "Radiometer", "dateUpdated": "2025-12-17T14:07:28.754Z"}, "references": [{"url": "https://www.radiometer.com/myradiometer"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Local Radiometer representatives will contact all affected customers to discuss a permanent solution.\n\n\n\n<br>"}], "value": "Local Radiometer representatives will contact all affected customers to discuss a permanent solution."}], "source": {"discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-12-17T12:55:00.000Z", "value": "CVE published"}], "title": "Privilege boundary violation in Radiometer Products", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Only authorized people can physically access the analyzer.\n\n\n\n<br>"}], "value": "Only authorized people can physically access the analyzer."}], "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-17T21:46:47.889591Z", "id": "CVE-2025-14095", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T21:46:57.088Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14095", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-17T21:46:47.889591Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-17T21:46:51.983Z"}}], "cna": {"title": "Privilege boundary violation in Radiometer Products", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Florian Hauser and Fabian Weber from CODE WHITE GmbH"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233: Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "When underlying OS is Windows7 or WinXp"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "When underlying OS is Win8, Win10"}]}], "affected": [{"vendor": "Radiometer Medical Aps", "product": "ABL90 FLEX and ABL90 FLEX PLUS Analyzers", "versions": [{"status": "affected", "version": "All application software versions with Windows 7, Windows XP as underlying OS", "versionType": "ABL90 DMS(Data Management System) Application"}, {"status": "affected", "version": "Application software versions < 3.5MR11 with Windows 10 as underlying OS"}], "defaultStatus": "unaffected"}, {"vendor": "Radiometer Medical Aps", "product": "AQT90 FLEX Analyzers", "versions": [{"status": "affected", "version": "All Application software versions <= 8.13 MR2", "versionType": "AQT90 DMS(Data Management System) Application"}], "defaultStatus": "unaffected"}, {"vendor": "Radiometer Medical Aps", "product": "ABL800 BASIC and ABL800 FLEX Analyzers", "versions": [{"status": "affected", "version": "Application software versions < 6.20 MR2 with Windows 7, Windows XP as underlying OS", "versionType": "ABL800 DMS(Data Management System)"}, {"status": "affected", "version": "Application software versions < 6.20 MR2 with Windows 10 as underlying OS", "versionType": "ABL800 DMS(Data Management System)"}], "defaultStatus": "unaffected"}, {"vendor": "Radiometer Medical Aps", "product": "ABL9 Analyzers", "versions": [{"status": "affected", "version": "Application software versions < 1.5.0", "versionType": "CABO application"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.", "supportingMedia": [{"type": "text/html", "value": "Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.\n\n<br>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-12-17T12:55:00.000Z", "value": "CVE published"}], "solutions": [{"lang": "en", "value": "Local Radiometer representatives will contact all affected customers to discuss a permanent solution.", "supportingMedia": [{"type": "text/html", "value": "Local Radiometer representatives will contact all affected customers to discuss a permanent solution.\n\n\n\n<br>", "base64": false}]}], "datePublic": "2025-11-04T12:30:00.000Z", "references": [{"url": "https://www.radiometer.com/myradiometer"}], "workarounds": [{"lang": "en", "value": "Only authorized people can physically access the analyzer.", "supportingMedia": [{"type": "text/html", "value": "Only authorized people can physically access the analyzer.\n\n\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "A \"Privilege boundary violation\" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The vulnerability is due to weakness in the design of access control implementation in application software.\u00a0\n\nOther related CVE's are CVE-2025-14096 & CVE-2025-14097.\n\nAffected customers have been informed about this vulnerability. This CVE is being published to provide transparency.\n\nRequired configuration for Exposure:\n\n\nPhysical access to the analyzer is needed.\n\nTemporary work Around:\n\n\nOnly authorized people can physically access the analyzer. \n\nPermanent solution:\nLocal Radiometer representatives will contact all affected customers to discuss a permanent solution.\n\n\n\nExploit Status:\nResearchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Note: \n\nCVSS score 6.8 when underlying OS is Windows 7 or Windows XP Operating systems\u00a0and CVSS score 5.7 when underlying OS is Windows 8 or Windows 10 operating systems.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A \"Privilege boundary violation\" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The vulnerability is due to weakness in the design of access control implementation in application software.&nbsp;<br><br>Other related CVE's are CVE-2025-14096 &amp; CVE-2025-14097.<br><br>Affected customers have been informed about this vulnerability. This CVE is being published to provide transparency.<br><br>Required configuration for Exposure:<br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Physical access to the analyzer is needed.<br></span><br>Temporary work Around:<br>\n\nOnly authorized people can physically access the analyzer. <span style=\"background-color: rgb(255, 255, 255);\"><br><br>Permanent solution:<br></span>Local Radiometer representatives will contact all affected customers to discuss a permanent solution.<span style=\"background-color: rgb(255, 255, 255);\"><br><br>\n\n<span style=\"background-color: rgb(255, 255, 255);\">Exploit Status:<br>Researchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Note: \n\n<span style=\"background-color: rgb(255, 255, 255);\">CVSS score 6.8 when underlying OS is Windows 7 or Windows XP Operating systems</span>&nbsp;and CVSS score 5.7 when underlying OS is Windows 8 or Windows 10 operating systems.</span></span><br></span><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-693", "description": "CWE-693 \u2014 Protection Mechanism Failure"}]}], "configurations": [{"lang": "en", "value": "Physical access to the analyzer is needed", "supportingMedia": [{"type": "text/html", "value": "Physical access to the analyzer is needed\n\n<br>", "base64": false}]}], "providerMetadata": {"orgId": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "shortName": "Radiometer", "dateUpdated": "2025-12-17T14:07:28.754Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14095", "state": "PUBLISHED", "dateUpdated": "2025-12-17T21:46:57.088Z", "dateReserved": "2025-12-05T10:49:53.501Z", "assignerOrgId": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "datePublished": "2025-12-17T11:45:43.341Z", "assignerShortName": "Radiometer"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A \"Privilege boundary violation\" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The vulnerability is due to weakness in the design of access control implementation in application software.\u00a0\n\nOther related CVE's are CVE-2025-14096 & CVE-2025-14097.\n\nAffected customers have been informed about this vulnerability. This CVE is being published to provide transparency.\n\nRequired configuration for Exposure:\n\n\nPhysical access to the analyzer is needed.\n\nTemporary work Around:\n\n\nOnly authorized people can physically access the analyzer. \n\nPermanent solution:\nLocal Radiometer representatives will contact all affected customers to discuss a permanent solution.\n\n\n\nExploit Status:\nResearchers have provided working proof-of-concept. Radiometer is not aware of any publicly available exploit at the time of publication.\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Note: \n\nCVSS score 6.8 when underlying OS is Windows 7 or Windows XP Operating systems\u00a0and CVSS score 5.7 when underlying OS is Windows 8 or Windows 10 operating systems."}], "id": "CVE-2025-14095", "lastModified": "2025-12-18T15:08:06.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "type": "Secondary"}]}, "published": "2025-12-17T12:15:45.570", "references": [{"source": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "url": "https://www.radiometer.com/myradiometer"}], "sourceIdentifier": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-693"}], "source": "46b595e9-1acc-41cb-9398-adaf98d37a9b", "type": "Secondary"}]}

{}